Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-11 | CVE-2012-6682 | Cross-site Scripting vulnerability in Dragonbyte-Tech Vbdownloads Module 1.3.2 Cross-site scripting (XSS) vulnerability in downloads/actions/editdownload.php in the DragonByte Technologies vBDownloads module 1.3.2 and earlier for vBulletin allows remote attackers to inject arbitrary web script or HTML via the mirrors[] parameter. | 6.1 |
| 2018-01-11 | CVE-2012-6671 | Cross-site Scripting vulnerability in Dragonbyte-Tech Forumon RPG Module Multiple cross-site scripting (XSS) vulnerabilities in actions/main.php in the DragonByte Technologies Forumon RPG module before 1.0.8 for vBulletin when creating a new monster, allow remote attackers to inject arbitrary web script or HTML via the (1) monster[title] or (2) monster[description] parameters. | 6.1 |
| 2018-01-11 | CVE-2012-6670 | Cross-site Scripting vulnerability in Dragonbyte-Tech Vbactivity Module Multiple cross-site scripting (XSS) vulnerabilities in the DragonByte Technologies vbActivity module before 3.0.1 for vBulletin allow remote attackers to inject arbitrary web script or HTML via the reason parameter in (1) actions/nominatemedal.php or (2) actions/requestmedal.php. | 6.1 |
| 2018-01-11 | CVE-2012-6668 | Cross-site Scripting vulnerability in Dragonbyte-Tech Vbshout Module Multiple cross-site scripting (XSS) vulnerabilities in the Shout Reports in the DragonByte Technologies vBShout module before 6.0.6 for vBulletin allow remote attackers to inject arbitrary web script or HTML via the (1) reportreason parameter in actions/doreport.php or (2) modnotes parameter in actions/updatereport.php. | 6.1 |
| 2018-01-11 | CVE-2018-1361 | Cross-site Scripting vulnerability in IBM Websphere Portal 8.5.0.0/9.0.0.0 IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. | 6.1 |
| 2018-01-11 | CVE-2017-1740 | Cross-site Scripting vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. | 5.4 |
| 2018-01-11 | CVE-2017-1739 | Cross-site Scripting vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 is vulnerable to cross-site scripting. | 5.4 |
| 2018-01-11 | CVE-2012-6667 | Cross-site Scripting vulnerability in Dragonbyte-Tech Vbshout Cross-site scripting (XSS) vulnerability in vbshout.php in DragonByte Technologies vBShout module for vBulletin allows remote attackers to inject arbitrary web script or HTML via the shout parameter in a shout action. | 6.1 |
| 2018-01-11 | CVE-2018-0118 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
| 2018-01-10 | CVE-2018-0011 | Cross-site Scripting vulnerability in Juniper Junos Space A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device. | 5.4 |